REMARKS 

Reconsideration of the application in view of the above amendments and the 
following remarks is respectfully requested. Claims 1,4-11, 17, and 20-27 have been 
amended. No claims have been added. Claims 2, 18, and 33-36 have been cancelled. 
Thus, Claims 1, 3-17, and 19-32 are currently pending in the application. 

Interview Summary 
The Applicant thanks the Examiner for the Interview conducted on March 21, 
2005. The interview was between Examiner Wu and the Applicant's Attorney, 
Christopher J. Brokaw. Pending Claim 1 that was rejected in the Office Action was 
discussed along with U.S. Patent No. 5,842,002 issued to Schnurer et al. ("Schnurer"). 
No agreement was reached. The Applicant is providing herein the amendment that was 
discussed during the interview. 

Claim Rejections - 35 U.S.C. § 103(a) 
In the Office Action, the Examiner rejected Claims 1-36 under 35 U.S.C. § 103(a) 
as being anticipated by Schnurer. Claims 1 and 17 have been amended to more 
particularly identify and distinctly claim subject matter to which the Applicant wishes to 
receive patent protection. 

Independent Claim 1 
With regard to independent Claim 1, there is recited: 

A computer-implemented method for generating a transformation document, 
comprising: 
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establishing a limited environment within a general environment, wherein 
said limited environment comprises at least one mock resource, wherein said 
general environment comprises at least one real resource, wherein said limited 
environment and said general environment are both provided by the same 
operating system, and wherein programs executing within said limited 
environment cannot access the one or more real resources in said general 
environment ; 

executing at least a portion of an untrusted program within said limited 
environment; and 

examining said limited environment after execution of at least said portion 
of said untrusted program to check for undesirable behavior exhibited by said 
untrusted program (emphasis added). 

Claim 1 provides an advantageous method for executing an untrusted program. 
According to Claim 1 , a computer-implemented method establishes a limited 
environment within a general environment. The general environment comprises one or 
more real resources, while the limited environment comprises one or more mock 
resources. The general environment and the limited environment are both provided by 
the same operating system. Programs executed within the limited environment cannot 
access the one or more real resources of the general environment. The limited 
environment is examined after execution of the untrusted program to check for 
undesirable behavior exhibited by the untrusted program. Advantageously, the behavior 
of the untrusted program may be verified without putting the real resources in the general 
environment at risk. 

Such a method is neither disclosed nor suggested by Schnurer. Instead, Schnurer 
discloses an approach for a computer virus trapping device ("the trapping device") that 
creates a virtual world that simulates a host computer system ("the protected device") 
intended by a virus to infect (Abstract). To prevent the virus from spreading from the 
trapping device to other devices when the trapping device accesses suspicious data that 
may contain a virus, the trapping device includes an emulation means that emulates an 
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operating environment (i.e., the "virtual world") that is foreign to the native operating 
system of the trapping device (Col. 7, lines 4-18). In other words, to ensure that viruses 
cannot spread from the trapping device, (a) the virtual world simulates the operating 
system of the protected device, and (b) the trapping device uses a different operating 
system than emulated by the virtual world. The trapping device is placed in front of the 
protected device. The trapping device passes suspicious data containing the potential 
virus directly through to the protected device, in addition to simultaneously processing 
the data containing the potential virus. (Col. 6, lines 57-58; trap device 10 in FIG. 3 and 
FIG. 4; Col. 8, lines 50-52). Upon detection of a virus, the trapping device may take an 
action, such as notifying an administrator (See step 52 of FIG. 1). 

At a high level, both Schnurer and Claim 1 are directed towards similar subject 
matter, namely executing a potential computer virus in an emulated environment. 
However, beyond this broad generalization, the approach of Schnurer and the approach 
of Claim 1 are fundamentally different. 

Given the stark contrasts between Schnurer and the approach of Claim 1, 
Schnurer cannot possibly teach a system wherein a general environment as claimed exists 
on either (a) the protected device, or (b) the trapping device . Schnurer teaches a method 
in which a virtual world is emulated on a different physical machine than the physical 
machine to be protected (Col. 6, lines 57-58; trap device 10 in FIG. 3 and FIG. 4; Col. 8, 
lines 50-52), thus Schnurer cannot possibly teach a general environment, as featured in 
Claim 1, existing on the protected device because, as featured in Claim 1, the general 
environment and the limited environment are provided by the same operating system. 
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Also, Schnurer teaches that to prevent a virus from spreading from the trapping 
device when the trapping device accesses suspicious data, the trapping device includes an 
emulation means that emulates an operating environment that is foreign to the operating 
system of the trapping device (Col. 7, lines 4-18). As a result, Schnurer cannot possibly 
teach a system wherein a general environment, as featured in Claim 1, exists on the 
trapping device because, as featured in Claim 1, the limited environment and the general 
environment are provided by the same operating system. These and other fundamental 
differences between the approach of the claims and that of Schnurer shall be explained in 
further detail below. 

Schnurer Does Not Teach the General Environment on the Protected Device 

Claim 1 recites the feature of: 

"wherein the limited environment and the general environment are both 
provided by the same operating system" 

In citing Schnurer to reject Claim 1, the argument of the Office Action rests on a 
showing that the emulated, virtual world environment of Schnurer is analogous to the 
limited environment, and the operating system of the protected device is analogous to the 
general environment. 

Assuming, arguendo, that such an analogy may be made, numerous elements of 
Claim 1 would not be satisfied by Schnurer, 

Schnurer shows an emulated environment (generated by emulation means 48 on 
virus trapping device 10) that is completely separate from the general environment to be 
protected. Schnurer makes clear that virus trapping device 10 is separate from the device 
to be protected. Schnurer states: 
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the file server 42 is the computer system to be protected. The virus 
trapping device 10 is placed in the data stream that connects the filer [sic] 
server 42 to other workstations 38. . .In this scenario, all traffic to and from 
the file server 42 is monitored for viruses by the trap 10 (Col. 6, lines 42- 
50). 

Further, the figures of Schnurer clearly identify the trapping device 10 to be different 
from the computer system to be protected. For example: 

(1) On FIG. 1, the emulation box 48 is separate and distant from the protected 
computer system 28; 

(2) On FIG. 3, the trapping device 10 is separate and distinct from the device 
to be protected 42; and 

(3) On FIG. 4, the trapping device 10 is separate and distinct from the node to 
be protected 32. 

Each physical machine executes its own operating system. Since the trapping 
device and the protected device are clearly different machines, the trapping device and 
the protected device are executing different operating systems. Thus, the approach of 
Schnurer cannot possibly show "wherein the limited environment and the general 
environment are both provided by the same operating system" as featured in Claim 1 . 
Therefore, it is respectfully submitted that this element is not disclosed, taught, or 
suggested by Schnurer, and that Claim 1 is patentable over the cited art and is in 
condition for allowance. 

Moreover, as explained below, an argument that Schnurer teaches the general 
environment, as featured in Claim 1, by the trapping device cannot be supported. 
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Schnurer Does Not Teach a General Environment on the Trapping Device 

Claim 1 recites the features of: 

"wherein said limited environment and said general environment are both 
provided by the same operating system," 
and 

"wherein programs executing within said limited environment cannot 
access the one or more real resources in said general environment;" 

As shown in the above-quoted elements of Claim 1, Claim 1 requires that (a) the 
limited and the general environment are provided by the same operating system, and (b) 
programs executing within the limited environment cannot access the one or more real 
resources of the general environment. Schnurer provides no teachings of these features. 

In sharp contrast, Schnurer contains very strong language indicating that the 
approach of Schnurer can only ensure that the virus may be contained within the virtual 
world of Schnurer when the virtual world is emulated using a different operating system 
that the operating system of the trapping device creating the virtual world. 

For example, Schnurer states: 

"without the use of a foreign operating system the invention itself risks 
contamination. A foreign operating system different from the one being 
protected is introduced into the data stream before the data arrives at the 
computer system to be protected" (Col. 4, lines 16-20). 

"the virus cannot escape the emulation box 48 because the box exists in a 
foreign operating environment..." (Col. 7, lines 15-16). 

"One characteristic of almost all viruses is that one their own they are not 
capable of crossing from one computer OS to another" (Col. 3, lines 59- 
61). 

Thus, it is clear that the approach of Schnurer requires the emulated, virtual world 
to be implemented using a different type of operation system than the trapping device to 
prevent viruses from escaping from the trapping device. 
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While Schnurer does raise the possibility that the emulated, virtual world may 



emulate the same type of operating system as used by the trapping device, Schnurer is 
clear that in doing so viruses may escape the trapping device. For example, Schnurer 
states: 

"The inventors recognize that it can be done without a transplatform, but it 
will be slow and absolutely unsafe. The use of a foreign operating system 
can be likened to the use of lead walls and glass walls and mechanical 
arms used by people manipulating radioactive materials in a lab. While it 
is certainly possible to pick up radioactivity with one's bare hands, it is not 
highly recommended or is it safe. While the invention can be had without 
the use of a foreign operating system, it is not highly recommended nor is 
it safe" (Col. 4, line 63 - Col. 5, line 5). 

"The use of a foreign operating system guarantees the invention a high 
degree of safety and impenetrability. While the inventors recognize that 
such invention can be built without the use of a foreign operating system, 
such a version of the invention would lack any credible degree of security. 
In addition, without the use of a foreign operating system the invention 
itself risks contamination." (Col. 4, lines 11-17). 

Thus, to the extent that Schnurer teaches using the same type of operating system 
in the virtual world as the operating system of the trapping device, Schnurer does not 
teach any way that such an approach could satisfy the limitation of "wherein programs 
executing within said limited environment cannot access the one or more real resources 
in said general environment" as expressly featured in Claim 1. 

Further, Schnurer does not contain any suggestion that the emulated, virtual world 
is the same operating system as that used by the trapping device. Indeed, Schnurer 
teaches away from such a suggestion, since that characterization of an "emulated, virtual 
world" clearly is different and distinct from the real operating system employed by the 
trapping device. As a result, the approach of Schnurer cannot possibly show the above- 
quoted combination of elements featured in Claim 1. 
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As one or more express elements of Claim 1 are not disclosed, taught, or 
suggested by Schnurer, it is respectfully submitted that Claim 1 is patentable over the 
cited art and is in condition for allowance. 

Claims 3-17 and 19-32 
Claims 3-16 are dependent claims, each of which depends (directly or indirectly) 
on Claim 1. Each of Claims 3-16 is therefore allowable for at least the reasons given 
above with respect to Claim 1 . In addition, each of Claims 3-16 introduces one or more 
additional limitations that independently render it patentable. Due to the fundamental 
differences already identified, to expedite the positive resolution of this case, a separate 
discussion of the limitations of Claims 3-16 is not included at this time. The Applicant 
reserves the right to further point out the differences between the cited art and the novel 
features recited in the dependent claims. 

Claims 17 and 19-32 include limitations similar to Claims 1 and 3-16 respectively, 
except in the context of computer-readable media. It is therefore respectfully submitted 
that Claims 1 7 and 1 9-32 are patentable over Schnurer for at least the reasons given 
above with respect to Claims 1 and 3-16. 

A Java Virtual Machine is Not a Limited Environment 
During the Interview of March 21, 2005, a suggestion was made that a Java 
Virtual Machine (JVM) may be analogous to a limited environment. The Applicant 
respectfully disagrees that a JVM could suggest a limited environment as claimed, due to 
the numerous express claim limitations that would not be met. For example, Claim 1 
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recites the features of "wherein said limited environment comprises one or more mock 
resources," "wherein said limited environment and said general environment are both 
provided by the same operating system," and "wherein programs executing within said 
limited environment cannot access the one or more real resources in said general 
environment." It is respectfully submitted that a JVM (a) contains real resources, not 
mock resources, (b) is not provided by the same operating system as a general 
environment, and (c) programs executed within a JVM can access the real resources of a 
general environment, e.g., the motivation of providing a JVM is to enable programs to 
access the real resources of the machine executing the JVM. 

As a result, a JVM cannot possible be analogous to a "limited operating system 
environment," as featured in Claim 1 . 
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CONCLUSION 



For the reasons given above, the Applicant submits that the pending claims are 
patentable over the art of record, including the art cited but not applied. Accordingly, 
allowance of all pending claims is respectfully solicited. 

The Examiner is invited to telephone the undersigned at (408) 414-1225 to 
discuss any issue that may advance prosecution. 

No fee is believed to be due specifically in connection with this Reply. The 
Commissioner is authorized to charge any fee that may be due in connection with this 
Reply to our Deposit Account No. 50-1 302. 



Respectfully submitted, 



HICKMAN PALERMO TRUONG & BECKER LLP 



Dated: April 8, 2005 
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